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AMENDMENTS TO THE CLAIMS 

1 Claims 1-20 (Canceled without prejudice). 

Please add Claims 21-70 as follows: 

1 21 . (New) A method for automated self-repair of a computer from a software corruption, a virus 

2 infection, and a malicious software attack at anytime during operation of the computer including at startup 

3 and anytime after startup during use of the computer, the computer being of the type having a first 

4 storage that stores executable computer program instructions and a processor coupleable to the first 

5 storage, to a first random access memory, and to a first BIOS memory storing a basic input-output system 

6 (BIOS), the method comprising: 

7 in a second storage disposed within the housing of the computer: (i) storing a master 

8 template and (ii) a repair procedure that are completely isolated and protected from alteration by viral 

9 infection and malicious code from untrusted sources, and (iii) allocating storage for storing a user 

10 modified data or program, the user data allocated space, the master template, and the repair procedure 

11 being stored on logically different and separately addressable and isolated storage from each other and 

12 from the first storage, the second storage not capable of being exposed to the an untrusted data or 

13 program source; 

14 selectively operating the computer in a normal mode and a repair mode wherein: 

15 ( a ) in the normal mode, the first storage is physically present within the housing 

16 of the computer and able to support read and write operations, and the second storage is physically 

17 present within the housing of the computer but logically hidden and unable to support a write operation 

18 communication from the first storage, the first processor, the first random access memory, or the first 

19 BIOS memory; and 

20 ( b ) in ^e repair mode, the first storage is physically present in the computer and 

21 able to support read and write operations, and the second storage is physically present in the computer 

22 and logically visible and able to have only predetermined communication controlled by the repair 

23 procedure with the first storage, the predetermined communication being permitted only through a trusted 

24 processor and memory executing a repair procedure that are known to be virus and malicious code free; 

25 switching the computer operation from the normal mode to the repair mode in response 

26 to a repair start signal; 

27 automatically and without user intervention repairing the first storage to a known 

28 operational state that supports normal mode operation including generating the executable computer 

29 program instructions on the first storage using the repair procedure to copy at least a portion of the 

30 master template to the first storage through a trusted processor and memory executing a repair 

31 procedure that are known to be virus and malicious code free; and 

32 a^r completing the repairing, then automatically returning to normal mode operation. 
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1 22. (New) A method as in claim 21 , wherein the trusted processor and memory are the first 

2 processor, first random access memory, and first BIOS memory that have been cleared of any executable 

3 virus or malicious code by the repair procedure prior to permitting any communication with the second 

4 storage. 

1 23. (New) A method as in claim 21 , wherein the trusted processor and memory are a second 

2 processor, a second random access memory, and a second BIOS memory that have been cleared of any 

3 executable virus or malicious code by the repair procedure prior to permitting any communication with the 

4 second storage. 

1 24. (New) A method as in claim 21, wherein the system further provides an integrated second 

2 computing system operating concurrently with the computing system and having a second processor and 

3 a second random access memory coupled with the second processor, and the method further comprising: 

4 executing a second computing process concurrent with a first computing process involving the 

5 first processor, the first random access memory, and the first storage; 

6 the second computing process utilizing at least one of: (i) the first storage in a shared 

- 7 configuration, (ii) a functionally mirrored version of at least a portion of the first storage, and (iii) a 

8 quarantined storage different from the first storage; 

9 the second computer process monitoring activity in the first process and detecting a problem 

10 event based on the monitoring; and 

11 in response to detecting the problem event, using the second computing system to repair the 

12 problem event, the using of the second computing system including clearing the contents or the first 

13 processor and first random access memory, and another process selected from: (i) switching from the first 

14 computing system to second computing system to continue first computer system processing until the first 

15 computing system can be repaired; (ii) maintaining processing in the first computing system while the 

16 second computing system marks repairs to the first computing system; and (iii) combinations of (i) and 

17 (ii). 

1 25. (New) A method as in claim 21 , wherein switching the computer operation from the 

2 normal mode to the repair mode in response to a repair start signal; including: (1 ) if the first storage is the 

3 computer primary boot device, then altering the computer or the first storage device so that the first 

4 storage is no longer identified as the primary boot device; and (2) if the second storage is not configured 

5 as the computer primary boot device, then altering the computer or the second storage device so that the 

6 second storage is from then identified as the primary boot device. 

1 26. (New) A method as in claim 25, wherein the automatically returning to normal mode 

2 operation includes: (i) altering the computer or the second storage device so that the second storage is 

3 not the primary boot device and is not logically visible to the computer, and (ii) altering the computer or 

4 the first storage device so that the first storage is identified as the primary boot device. 
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1 27. (New) A method as in claim 26, further comprising automatically rebooting the 

2 repaired computer from the bootable first storage using the processor and not using the second storage 

3 to the normal mode. 

1 28. (New) A method as in claim 21 , further comprising: 

2 generating the start repair signal from a location physically distant from the computer and 

3 conducting the repair without further user interaction. 

1 29. (New) A method as in claim 24, further comprising operating a third computing 

2 system to control the monitoring and repair of the first computing system while the second computing 

3 system takes over first processing system operations. 

1 30. (New) A method as in claim 21 , further comprising updating and storing the updated 

2 master template so that a repaired computer system is repaired with a current updated operating system, 

3 application programs, and customized preferences and parameters, the updating and storing comprising: 

4 performing a backup of user data; 

5 entering the repair mode of operation; 

6 clearing the first processor, the first random access memory, and the first computer basic 

7 input-output system (BIOS) memory, and the first storage so that no virus or malicious code remains so 

8 that they are trusted sources and cannot contaminate the master templates; 

9 repairing the first storage by writing original master template from the second storage to 

10 the first storage; 

11 updating or adding to any of the operating system and application programs on the first 

12 storage; 

13 generating a new master template from the content of the first storage and the original 

14 master template; 

15 storing the updated master template over the original master template; 

16 optionally restoring user data not part of the master template to the first storage; and 

17 exiting the repair mode and entering the normal mode. 

1 31 . (New) A method as in claim 30, further comprising maintaining a back-up of 

2 predetermined data types for repairing the computer without loss of the data, the backup including: 

3 maintaining a user storage in logical isolation from the master template and the repair 

4 procedure; 

5 . storing backup data in the user storage; 

6 the storing being conducted in a back-up mode of operation using a backup procedure 

7 stored on the second storage; and 

8 the backup procedure including a backup application program that executes under an 

9 alternate operating system different than the operating system booting and executing from the first 

10 storage and not capable of executing instructions that may be concealed within the stored data, and 
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1 1 the backup data being securely stored and inaccessible to the user except during a repair 

12 mode operation. 

1 32. (New) A method as in claim 31, further including restoring user data to the first 

2 storage, wherein the stored backup data is restored to the first storage by the repair procedure and 

3 cannot execute instructions that may be concealed within the stored data. 

1 33. (New) A method as in claim 21, further comprising continuously or intermittently 

2 monitoring the computer for the repair start signal to initiate operation in the repair mode. 

1 34. (New) A method as in claim 21 , wherein the executable computer program 

2 instructions stored on the first storage include an operating system for the computer and application 

3 programs that execute under the operating system within the processor. 

1 35. (New) A method as in claim 21, wherein: 

2 the stored master template including information sufficient to create the executable 

3 computer program instructions on the first storage; 

4 the stored repair procedure includes a repair operating system and a repair application 

5 program executing under the repair operating system; and 

6 the repair operating system is a different operating system than an operating system 

7 stored in the master template or an operating system for operating the computer in the normal mode and 

8 stored on the first storage. 

1 36. (New) A method as in claim 21 , further including storing a backup procedure for 

2 copying data from the first storage to the second storage. 

1 37. (New) A method as in claim 21 , wherein the repair procedure is stored on a first 

2 partition of a hard disk drive, the master template is stored on a second partition of a hard disk drive, and 

3 the user data is stored on a third partition of a hard disk drive. 

1 38. (New) A method as in claim 21 , wherein in the repair mode, the predetermined 

2 communication controlled by the repair procedure is limited to copying operation communications. 

1 39. (New) A method as in claim 21 , wherein in the repair mode, the predetermined 

2 communication further include a first storage formatting operation that clears all data from the first 

3 storage. 

1 40. (New) A method as in claim 21 , wherein in the repair mode, drivers for supporting 

2 peripheral devices and other components than the first storage, the second storage, and the processor 

3 are not loaded so that recognition and operation of the peripheral devices and other components is 

4 prevented in the repair mode. 

1 41 . (New) A method as in claim 21 , wherein drivers for communicating outside a physical 

2 box housing the computer are not loaded so that external communication is prevented during the repair 

3 mode and the second storage is isolated from entities external to the computer box. 
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42. (New) A method as in claim 21 , wherein the altering of the computer or the first 
storage device so that the first storage is not the primary boot device includes altering the computer or the 
first storage device so that the first storage is not a bootable device. 

43. (New) A method as in claim 21 , wherein the first storage includes a hard disk 
drive storage and the altering of the computer or the first storage device so that the first storage is not the 
primary boot device includes setting the hard disk drive address to identify that the hard disk drive first 
storage is not the primary boot device. 

44. (New) A method as in claim 21 , wherein the first storage includes an IDE hard 
disk drive storage and the altering of the computer or the first storage device so that the first storage is 
not the primary boot device includes setting the hard disk drive IDE drive bus address to address different 
than ID=0 to identify that the hard disk drive first storage is not the primary boot device. 

45. (New) A method as in claim 21 , wherein the altering of the computer or the first 
storage device so that the first storage is not the primary boot device includes altering a BIOS of the 
computer so that so that the first storage is not identified as a bootable device. 

46. (New) A method as in claim 21 , wherein the altering the computer or the 
second storage device so that the second storage is the primary boot device further comprises 
maintaining the second storage in a powered down state until the computer or first storage device are 
configured so that the first storage is not the primary boot device and the computer or the second storage 
device are configured as the primary boot device. 

47. (New) A method as in claim 21 , wherein the second storage includes a second 
IDE hard disk drive and the altering the computer or the second storage device so that the second 
storage is the primary boot device further comprises altering the IDE hard disk drive second storage so 
that the IDE disk drive is set at an drive bus address ID=0. 

48. (New) A method as in claim 21 , wherein the second storage comprises a 
plurality of logical or physical devices and the logical or physical device storing the repair procedure is 
altered to be set as the primary boot device independent of the bootable status of other of the logical or 
physical devices. 

49. (New) A method as in claim 21 , wherein the computer automatically and without 
user intervention repairing further includes: repairing the processor to a known predetermined processor 
operational state that supports normal mode operation by clearing the processor before resetting it to an 
error and virus free processor operational state; and repairing a BIOS or CMOS to a known 
predetermined BIOS or CMOS operational state that supports normal mode operation by clearing the 
BIOS or CMOS before resetting it to an error and virus free BIOS or CMOS operational state. 

50. (New) A method as in claim 21 , wherein: 

repairing the first storage to a know operational state further comprises regenerating the 
executable computer program instructions on the first storage; and 



8 



Serial No.: 09/862,898 
Filing Date: May 21 , 2001 

4 regenerating the executable computer program instructions on the first storage comprises 

5 one of: (a) copying at least a portion of the master template to the first storage, and installing the 

6 executable computer program instructions onto the first storage using the processor to execute the repair 

7 procedure operating on the master template as data on the second storage. 

1 51 . (New) A method as in claim 21 , wherein the repair procedure includes an 

2 operating system and application program that are limited to operations that generate the executable 

3 computer program instructions on the first storage but cannot execute instructions included in the master 

4 template or the user data. 

1 52. (New) A method as in claim 21 , wherein the master template includes an 

2 operating system and the repair procedure operating system is a different operating system than an 

3 operating system of the master template. 

1 53. (New) A method as in claim 51 , wherein the limited to operations are selected 

2 from the set of operations consisting of formatting the first storage, copying bits from the second storage 

3 to the first storage. 

1 54. (New) A method as in claim 21 , wherein the signal to start operation in the 

2 repair mode is generated by a switch exposed on an external surface of the computer. 

1 55. (New) A method as in claim 21 , wherein the switch exposed on an external 

2 surface of the computer is dedicated to initiating operating in the repair mode and different from the 

3 computer power switch, computer reset switch, peripheral device operating switch, mouse button, or 

4 keyboard keys. 

1 56. (New) A method as in claim 21 , further comprising storing backup data in the 

2 user storage is performed in response to a user request or predetermined policy, and predetermined 

3 policy is a policy selected from the group of policies consisting of a periodic timed back-up, a scheduled 

4 time-of day back-up, and a user requested backup. 

1 57. (New) A method as in claim 56, wherein the back-up is performed by changing 

2 from the normal mode to the repair mode to provide isolation during the backup and then changing back 

3 to the normal mode for continued operation. 

1 58. (New) A method as in claim 56, wherein the user data is selected from the set 

2 of data consisting of: at least one of a user data, a computer system or program preference or 

3 customization, an operating system or application program component or upgrade, or another user or 

4 system modification. 

1 59. (New) A method as in claim 58, further comprising quarantining a data item in an 

2 isolated storage where any executable content of the data item cannot be executed. 

1 60. (New) A method as in claim 59, wherein the data item is an email or an email 

2 attachment. 
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1 61 . (New) A method as in claim 21 , wherein the repair mode procedure, including 

2 the repair mode operating system and the repair application program are executed in a second processor 

3 different from the first processor. 

1 62. (New) A method as in claim 21, wherein the computer is booted using a second 

2 BIOS or CMOS basic input-output system different from the BIOS or CMOS used to boot the computer 

3 from the first storage and the first processor. 

1 63. (New) A computer that can self-repair from a software corruption, a virus infection, 

2 and a malicious software attack at anytime during operation of the computer including at startup and 

3 anytime after startup during use of the computer, comprising: 

4 a first storage disposed within the computer box and adapted to store executable 

5 computer program instructions; 

6 a first processor coupleable to the first storage, to a first random access memory, and to 

7 a first BIOS memory storing a basic input-output system (BIOS), for executing the stored executable 

8 computer program instructions; 

9 a second storage disposed within the computer box and adapted to store (i) a master 

10 template and (ii) a repair procedure that are completely isolated and protected from alteration by viral 

1 1 infection and malicious code from untrusted sources, and (iii) allocating storage for storing a user 

12 modified data or program, the user data allocated space, the master template, and the repair procedure 

13 being stored on logically different and separately addressable and isolated storage from each other and 

14 from the first storage, the second storage not capable of being exposed to the an untrusted data or 

15 program source; 

16 the computer being configurable to selectively operate in a normal mode and a repair 

17 mode wherein: 

18 ( a ) in the normal mode, the first storage is physically present within the housing of the 

19 computer and able to support read and write operations, and the second storage is physically present 

20 within the housing of the computer but logically hidden and unable to support a write operation 

21 communication from the first storage, the first processor, the first random access memory, or the first 

22 BIOS memory; and 

23 ( b ) in the repair mode, the first storage is physically present in the computer and 

24 able to support read and write operations, and the second storage is physically present in the computer 

25 and logically visible and able to have only predetermined communication controlled by the repair 

26 procedure with the first storage, the predetermined communication being permitted only through a trusted 

27 processor and memory executing a repair procedure that are known to be virus and malicious code free; 

28 first switch 'ogic for automatically switching the computer operation from the normal mode 

29 to the repair mode in response to a repair start signal; 

30 re P air means for automatically and without user intervention repairing the first storage to 

31 a known operational state that supports normal mode operation; including means for generating the 
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32 executable computer program instructions on the first storage using the repair procedure to copy at least 

33 a portion of the master template to the first storage through a trusted processor and memory executing a 

34 repair procedure that are known to be virus and malicious code free; and 

35 second switch logic for automatically preparing the computer to resume normal mode 

36 operation after completing the repairing. 

1 64. A computer of the type having a processor, a random access memory coupled to 

2 the processor, and a first storage coupled for communication with the processor, the computer 

3 characterized in that: 

4 the computer may self-repair from a software corruption, a virus infection, and a 

5 malicious software attack at anytime during operation of the computer including at startup and anytime 

6 after startup during use of the computer by automatically and without user intervention repairing the first 

7 storage using a trusted processor and memory state; 

8 a master template and a computer repair procedure are stored as separately addressable logical 

9 volumes in storage that is physically present within the computer at the time a failure occurs but 

* 10 completely isolated and protected from alteration before use and during use to repair the computer by 

1 1 viral infection and malicious code from any source having a unknown or uncertain content within the 

12 computer or external to the computer, including being protected from the processor, processor coupled 

13 random access memory, and the first storage; 

14 the computer is selectively operable in at least a normal mode and a repair mode, the 

15 mode of operation being selectable at least by a user pressing a single repair mode switch operable from 

16 an external service of the computer, wherein: 

17 in the normal mode, the second storage is logically hidden from the computer system and 

18 not available as a bootable device so that no access is permitted to the second storage and optionally not 

19 electronically coupled for communication with the processor being one of (i) powered off, (ii) not coupled 

20 to a computer communication bus, or both powered off and not coupled to a computer communication 

21 bus; and 

22 in the repair mode, the second storage is logically visible to the computer system only 

23 through an operating system component of the trusted repair procedure and available as a 

24 readable/writable and bootable device only after the processor and the random access memory coupled 

25 to the processor have been cleared of all unknown or uncertain content from operation in the normal 

26 mode and all communication with external entities has been disabled, the trusted repair procedure 

27 preventing execution of any content stored on the first storage while in the repair mode. 

1 65. (New) A computer as in claim 63, wherein the trusted processor and memory 

2 are the first processor, first random access memory, and first BIOS memory that have been cleared of 

3 any executable virus or malicious code by the repair procedure prior to permitting any communication 

4 with the second storage. 

11 



) } 

66. (New) A computer as in claim 63, wherein the trusted processor and memory are a 
second processor, a second random access memory, and a second BIOS memory that have been 
cleared of any executable virus or malicious code by the repair procedure prior to permitting any 
communication with the second storage. 

67. (New) A computer as in claim 63, wherein the system further provides an integrated 
second computing system operating concurrently with the computing system and having a second 
processor and a second random access memory coupled with the second processor, and wherein: 

the second computing process executes concurrent with a first computing process 
involving the first processor, the first random access memory, and the first storage; 

the second computing process utilizing at least one of: (i) the first storage in a shared 
configuration, (ii) a functionally mirrored version of at least a portion of the first storage, and (iii) a 
quarantined storage different from the first storage; 

the second computer process monitoring activity in the first process and detecting a 
problem event based on the monitoring; and 

in response to detecting the problem event, using the second computing system to repair 
the problem event, the using of the second computing system including clearing the contents or the first 
processor and first random access memory, and another process selected from: (i) switching from the first 
computing system to second computing system to continue first computer system processing until the first 
computing system can be repaired; (ii) maintaining processing in the first computing system while the 
second computing system marks repairs to the first computing system; and (iii) combinations of (i) and (ii). 

68. (New) A computer as in claim 63, wherein changing the computer operation from the 
normal mode to the repair mode in response to a repair start signal; including switching logic that: (1) if 
the first storage is the computer primary boot device, then altering the computer or the first storage device 
so that the first storage is no longer identified as the primary boot device; and (2) if the second storage is 
not configured as the computer primary boot device, then altering the computer or the second storage 
device so that the second storage is from then identified as the primary boot device. 

69. (New) A computer as in claim 68, wherein the automatically returning to normal 
mode operation includes: (i) altering the computer or the second storage device so that the second 
storage is not the primary boot device and is not logically visible to the computer, and (ii) altering the 
computer or the first storage device so that the first storage is identified as the primary boot device. 

70. (New) A computer as in claim 69, further comprising: 

means for updating and storing the updated master template so that a repaired computer 
system is repaired with a current updated operating system, application programs, and customized 
preferences and parameters, the updating and storing comprising: 

means for performing a backup of user data; 

means for entering the repair mode of operation; 
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7 means for clearing the first processor, the first random access memory, and the first 

8 computer basic input-output system (BIOS) memory, and the first storage so that no virus or malicious 

9 code remains so that they are trusted sources and cannot contaminate the master templates; 

10 means for repairing the first storage by writing original master template from the second 

1 1 storage to the first storage; 

12 means for updating or adding to any of the operating system and application programs on 

13 the first storage; 

14 means for generating a new master template from the content of the first storage and the 

15 original master template; 

16 means for storing the updated master template over the original master template; 

17 means for optionally restoring user data not part of the master template to the first 

18 storage; and 

19 means for exiting the repair mode and entering the normal mode; and 

20 means for maintaining a back-up of predetermined data types for repairing the computer without 
" 21 loss of the data, the backup including: 

22 means for maintaining a user storage in logical isolation from the master template and 

23 the repair procedure; 

24 means for storing backup data in the user storage; 

25 the means for storing being conducted in a back-up mode of operation using a backup 

26 procedure stored on the second storage; and 

27 the backup procedure including a backup application program that executes under an 

28 alternate operating system different than the operating system booting and executing from the first 

29 storage and not capable of executing instructions that may be concealed within the stored data, and 

30 the backup data being securely stored and inaccessible to the user except during a repair mode 

31 operation. 



13 



